The Information Systems Security Manager (ISSM) will report to the Facility Security Officer (FSO) and will be responsible for the classified computing environment and implementing and maintaining the information assurance program for all classified computer systems as well as other industrial security duties assigned by the FSO..
Duties and Responsibilities:
Develops and maintains all DoD requirements, including the DAAPM & Risk Management Framework (RMF) standards to ensure compliance with the National Industrial Security Program Operating Manual (NISPOM)
Provide Subject Matter Expertise to the FSO on all classified information systems security matters and liaison to the local Defense Security Service (DSS) Information Systems Security Professional (ISSP) on all matters pertaining to classified information systems
Develops, implements, and administers security procedures for classified computer systems based on the DSS and other U.S. Government agency security requirements
Implement local policies, processes, procedures and compliance with all National Industrial Security Program (NISP) and Defense Security Service Assessments and Authorization Process Manual (DAAPM) requirements
Manages the security configurations of all classified information systems to ensure compliance with DSS baseline requirements
Complete operating system upgrades (i.e Windows 10, Windows XP to Windows 7, or Windows 7 to Windows 10) as directed by the government agency
Reviews and approves requests for access to cleared computer systems
Assists in the development and implementation of policies and System Security Plans supporting government agency requirements
Conducts periodic self-inspections on local processes and practices to ensure NISPOM and DSS compliance; accurately reports security posture to site, group and corporate leadership
Develops, conducts, coordinates, and delivers site information systems security education program requirements to all users of the classified information system(s) supporting classified programs
Applies current computer science technologies to the development, evaluation, and integration of computer systems and networks to maintain system security for classified information systems.
Identifies and documents unique local threats and vulnerabilities to classified information systems security
Ensures that periodic self-assessments of the facility's classified information systems are conducted as part of the overall facility self-inspection program and that all corrective actions are taken
Develops and implements maintenance procedures based on requirements provided by the cognizant security authority
Conducts and coordinates investigations into security violations related to classified information systems; ensures corrective actions are implemented
Conducts weekly audits, updates antivirus definitions, and patches for all classified information systems in accordance with DSS requirements and local procedures.
Perform other industrial security duties as assigned by the FSO.
Preferred Skills and Experience:
A , Network , CISSP, Security Certifications are a plus
Completion of the DSS CDSE/STEPP ISSM Training Curriculum (RMF courses)
A robust knowledge and understanding of NIST Special Publication 800-53, ISO27001, DoD 8510.01, NISPOM, & ICDs
Active Secret Security Clearance required. Top Secret Security Clearance preferred.
Experience managing Linux and Windows DSS accredited information systems
Experience with the SCAP Compliance Checker
Experience upgrading operating systems in a networked environment
L3 Technologies is an Equal Opportunity Employer. We encourage minorities, women, veterans and disabled individuals to apply. Any offer of employment is conditioned upon the successful completion of a background investigation and drug screen.